Webhooks

Webhooks are used to asynchronously deliver information about payment status changes. We send HTTP POST notifications to your specified WEBHOOK_URL when a payment state changes.

Request Endpoint

POSTWEBHOOK_URL

Headers

Name	Value
`Content-Type`	`application/json`
`Accept`	`application/json`

Request Body

Name	Type	Description
`type`	string	Notification type
`data`	object	Data object
`salt`	string	Random string
`sign`	string	Notification signature

Response Body

Name	Type	Description
`status`	boolean	Notification processing result
`msg`	string	Error description

Response Example

json

{
	"status": true
}

Important

A webhook is considered successfully processed only if all of the following conditions are met:

Content-Type: application/json
The response body contains JSON with the "status": true field

In this case, further webhook delivery attempts are stopped.

If at least one of the successful delivery conditions is not met, the system will make up to 100 attempts to deliver the notification: the first retry attempt will be made after 5 minutes, the second after 10 minutes, the third after 15 minutes, and all subsequent retries every 30 minutes.

Signature verification (sign)

To verify the signature, follow these steps:

Retrieve the request body and convert it into an array.
Remove the sign key.
Calculate the signature using the HMAC-SHA256 algorithm based on the JSON representation of the array and the secret token key.

Webhook handler example

php

$token = '041131a0906b08a5bebc1d4fdcc6d9';

header('Content-Type: application/json');

$inputJSON = file_get_contents('php://input');
$input = json_decode($inputJSON, true);

$input_sign = $input['sign'];
unset($input['sign']);

$sign = hash_hmac('sha256', json_encode($input), $token);

if (!hash_equals($input_sign, $sign)) {
    http_response_code(400);
    echo json_encode([
        'status' => false,
        'msg' => 'Invalid signature'
    ]);
    exit;
}

// Execute your logic

http_response_code(200);
echo json_encode([
    'status' => true
]);
exit;

List of IP addresses used to send notifications

Add our IP addresses to your firewall whitelist

45.76.81.14
2001:19f0:6c01:878:5400:5ff:fe38:50d1
207.148.69.64
2401:c080:1400:109b:5400:5ff:fe95:20d3

Webhooks ​

Request Endpoint ​

Headers ​

Request Body ​

Response Body ​

Response Example ​

Signature verification (sign) ​

Webhook handler example ​

List of IP addresses used to send notifications ​